Listing of Claims : 

1, (Currently Amended) A method of accessing a service with fiast authentication 
and revocable anonymity, comprising the steps of: 

i) identifying and registering a client and providing the client with means 
configur e d to auth e nticat e for authenticating the client to an amonymous certification authority; 

ii) authenticating the client to the anonymous certification authority using the 
means provided in step i) and supplying the client with m e ans an anonymous certificate 
associated to a public key and configured to enable the client to authenticate the client 
anonymously to a server; 

iii) the client calculating data formed as a series of tokens, wherein an 
initialization token of the series of tokens is configured to enable an authentication session to be 
opened and tokens of the series of tokens other than the initialization token are configured to 
enable the authentication session to be maintained ; 

iv) authenticating the client by producing an anonymous signature of the 
initialization token, the signatures being obtained using a private key associated with said public 
key and opening and maintaining an anonymous authentication session with the server, wherein 
« said anonymous signature is a unique anonymous signature is used for eadi said authentication 
session; 

v) fv4 maintaining the anonymous authentication session with the aid of the series of 
tokens, thereby enabling the server to prove each of the actions of the client; and 

vi) selectively allowing contact between the server and the anonymous 
certification authority to revoke the anonymity of the client using the anonymous signature 
provided in step iii iy. 



2. (Currently Amended) The method according to claim 1 , further comprising: 
effecting communication between the anonymous certification authority and the server, before 
the authenticating of the client to the anonymous certification authority, whereby the server 
presents to said anonymous certification authority a request to obtain means enabling verification 
of the anonymous authentication supplied by a client. 

3. (Canceled) 

4. (Currently Amended) The method according to claim 3- i, wherein [[all]] each of 
the tokens of the series of tokens sate is configured for one-time use and each of the tokens of the 
series of tokens ase is strongly interdependent. 

5. (Currently Amended) The method according to claim 3- i, wherein the tokens of 
the series of tokens are calculated using two cryptographic primitives. 

6. (Currently Amended) The method according to claim & 4, wherein fee a first 
token Wi of the series of tokens is obtained by applying a hashing function H to a random 
number, #ie-a second token Wz of the series of tokens is obtained by applying the hashing 
function to the first token obtained, and so on until n tok e n s W fa-a fo - obtain e d: a token of rank n of 
the series of tokens defines the initialization token Wn as: 

H(Wo)=WiH(W„.i)=W„. 



7. (Canceled) 



8. (Canceled) 

9. (Currently Amended) The method according to claim ^ 6, wherein on each new 
authentication the client sends the server a token of the series of tokens of at least one unit lower 
rank than that previously used. 

10. (Currently Amended) The method according to claim 3- 6, wherein on each new 
authentication the client sends the server a token W; of the series of tokens whose rank (i) is 
representative of a value of an operation. 

11. (Currently Amended) The method according to claim 3- 6, wherein the steps are 
apphed to bidding and steps of the client submitting an increased bid are effected by sending 
successive tokens of lower rank. 

12. (Previously Presented) The method according to claim 1, further comprising using 
a group signature by associating a plurality of identifiers and respective private keys with a 
single group public key. 

13. (Previously Presented) The method according to claim 1, wherein the anonymous 
signature is a blind signature. 



14. (Previously Presented) The method according to claim 12, wherein a power to 
revoke anonymity is shared between two or more authorities. 

15. (Currently Amended) A system adapted to open and maintain an authentication 
session guaranteeing non-repudiation, wherein an anonymous signature unique to the session and 
comprising a series of tokens is used to open and maintain each session, the system comprising: 

means oonfigur e d - to - implemoHt for implementing three stages comprising : 

a first stage in which a client calculates the series of tokens, on e of the a n 

initialization token of the series of tokens being is configured to enable a the authentication 

session to be opened and another token of the series of tokens is being configured to enable the 

authentication session to be maintained; 

a second stage in which the client makes a strong undertaking to the server 

as to the series of tokens; and 

a third stage of maintaining the anonymous authentication session with the 

aid of the series of tokens , thereby enabling the server to prove each action of the client . 

16. (Previously Presented) The system according to claim 15, wherein the first stage 
calculates the series of tokens based on two cryptographic primitives, wherein the two 
cryptographic primitives are a hashing function and a random number. 

17. (Previously Presented) The system according to claim 15, wherein the system is 
configured to use a group signature by associating a plurality of identifiers and respective private 
keys with a single group public key. 



18. (Previously Presented) The system according to claim 15, wherein the imique 
anonymous signature is a blind signature. 

19. (Previously Presented) The system according to claim 15, wherein power to revoke 
anonymity is divided between two or more authorities. 

20. (Previously Presented) The method according to claim 5, wherein the two 
cryptographic primitives are a hashing function and a random number. 

21. (Previously Presented) The method according to claim 10, wherein the rank is 
representative of a number of bid increments. 



